Typically, the assessment of entities typically occurs via a static set of inquiries regardless of the security threat posed by the entity being queried. In this regard, in many instances the same set of inquiries are invoked for all entities requiring information security threat assessment regardless of the level of security threat posed by the entity, the type of entity, the volume of data exposed to the entity, the type of applications provided by or hosted by the entity or the like. In addition, the frequency at which inquiries are invoked typically occurs at the same rate for all entities regardless of the level of security threat posed by the entity, as well as, the various other aforementioned factors.
Therefore, a need exists to logically and analytically determine an entity-specific set of inquiries requiring input parameters and an entity-specific frequency for invoking the set of inquiries. The determination of the entity-specific set of inquiries and the frequency for invoking the set of inquiries should take into account the information security threat level posed by the entity, as well as, other entity-related factors, such as, the type of entity, the volume of data exposed to the entity, the type of applications provided by or hosted by the entity or the like.